Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
File:                     xAqOocjcM7gpD-vTTkU4vZWXROg.mft (raw, json)
Hash identifier:          3gStPJNl1THOwRuM+AJ2CNtV593/LRQ/Jz0LaIxgH70=
Subject key identifier:   CD:A2:F4:BF:4D:A5:9B:97:63:19:35:00:17:72:18:99:F3:6C:A5:CD
Authority key identifier: C4:0A:8E:A1:C8:DC:33:B8:29:0F:EB:D3:4E:45:38:BD:95:97:44:E8
Certificate issuer:       /CN=c40a8ea1c8dc33b8290febd34e4538bd959744e8
Certificate serial:       0196748BE89A0A58F65F431A2C7DB1C9CEE4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
Manifest number:          149E
Signing time:             Sun 27 Apr 2025 00:00:48 +0000
Manifest this update:     Sun 27 Apr 2025 00:00:48 +0000
Manifest next update:     Mon 28 Apr 2025 00:00:48 +0000
Files and hashes:         1: xAqOocjcM7gpD-vTTkU4vZWXROg.crl (hash: YKDN5fWKfIaU75NS1zmZZZ0ONUrpEdHW1aHOmUjHTQ4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 00:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:74:8b:e8:9a:0a:58:f6:5f:43:1a:2c:7d:b1:c9:ce:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c40a8ea1c8dc33b8290febd34e4538bd959744e8
        Validity
            Not Before: Apr 27 00:00:48 2025 GMT
            Not After : Apr 28 00:00:48 2025 GMT
        Subject: CN=cda2f4bf4da59b976319350017721899f36ca5cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:1e:10:73:fa:37:19:25:d2:72:0c:cf:28:c3:
                    80:70:a8:35:73:e4:d9:e4:f8:f2:b1:0f:39:8c:97:
                    79:f7:cf:7f:6f:c3:38:94:96:fd:b6:56:73:d4:9b:
                    de:60:6f:6d:5d:92:a5:98:f8:f2:ff:d6:46:be:fd:
                    35:a5:55:b3:c9:44:82:dd:8e:09:80:0a:2a:c1:3a:
                    af:0a:d5:74:a5:1f:58:ee:e3:39:7a:94:f0:e4:4c:
                    70:0d:1e:18:b0:a8:82:b1:43:3e:53:82:f9:cb:3e:
                    e1:bb:67:0a:27:00:91:e5:6e:0e:33:4b:f2:98:13:
                    fc:24:cf:16:ac:c8:e3:3e:5f:62:79:41:b3:91:58:
                    c2:3f:96:84:67:67:71:2c:ec:22:15:c1:dd:82:bc:
                    77:c5:07:49:30:ab:13:f8:7f:72:9c:8f:3c:a3:95:
                    6e:f9:48:77:26:9b:47:e3:3e:e5:c8:6f:2d:d6:7b:
                    a3:3e:4c:93:3c:f5:ee:e8:50:06:f5:2b:33:8d:3c:
                    70:02:62:80:36:bc:49:53:9d:8a:12:d3:ed:7c:04:
                    7d:95:a9:8b:90:d1:c4:68:77:f4:a2:88:5f:79:ae:
                    d1:2a:79:65:ec:6a:48:48:8d:d6:1b:f7:d2:3b:fe:
                    3b:01:57:9d:70:7e:ef:1b:c1:ca:00:69:d4:33:40:
                    e5:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:A2:F4:BF:4D:A5:9B:97:63:19:35:00:17:72:18:99:F3:6C:A5:CD
            X509v3 Authority Key Identifier:
                keyid:C4:0A:8E:A1:C8:DC:33:B8:29:0F:EB:D3:4E:45:38:BD:95:97:44:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:76:89:e6:23:0e:0c:1a:08:a1:f9:b5:20:b2:1b:58:4d:ea:
         a1:49:15:5e:07:e9:2c:bd:f1:e5:67:ab:f0:b1:a0:af:c2:5d:
         e5:75:d1:0a:2c:07:c2:16:5e:61:dd:83:2a:66:03:ba:84:84:
         ff:49:f2:1b:34:8d:8e:c1:80:f5:4c:99:11:65:90:c8:3a:30:
         aa:10:6c:ab:47:ea:6a:ba:2e:df:f2:14:a2:0b:14:f6:15:47:
         ee:ab:55:1e:d5:18:b4:82:3e:86:8c:34:0b:ac:72:f3:19:4c:
         61:04:15:54:5c:a6:23:3b:db:5c:90:1d:66:48:bf:7e:8a:8e:
         14:66:1c:fa:00:b9:9a:bd:f3:ec:04:80:3e:5b:59:ea:f9:62:
         da:6b:fc:bc:7c:db:91:9b:cd:f8:c9:77:bf:88:c4:24:f0:0d:
         17:78:11:fe:c8:f6:e6:5d:4c:b6:46:b0:e0:b9:4d:2a:40:ed:
         f0:f6:ed:0d:d0:e1:0c:13:51:af:7b:9c:d5:05:9d:f5:5e:25:
         58:d8:e8:31:82:24:52:a9:a3:15:93:a9:25:91:bd:21:ba:e2:
         f1:83:ac:37:7c:71:0e:dd:10:9c:47:1a:85:b9:0b:03:42:64:
         d5:32:7d:e3:f8:4b:46:7d:89:23:78:be:63:5c:b1:60:43:21:
         ea:cb:80:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ0i+iaClj2X0MaLH2xyc7kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MGE4ZWExYzhkYzMzYjgyOTBmZWJkMzRlNDUzOGJkOTU5
NzQ0ZTgwHhcNMjUwNDI3MDAwMDQ4WhcNMjUwNDI4MDAwMDQ4WjAzMTEwLwYDVQQD
EyhjZGEyZjRiZjRkYTU5Yjk3NjMxOTM1MDAxNzcyMTg5OWYzNmNhNWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1R4Qc/o3GSXScgzPKMOAcKg1c+TZ
5PjysQ85jJd5989/b8M4lJb9tlZz1JveYG9tXZKlmPjy/9ZGvv01pVWzyUSC3Y4J
gAoqwTqvCtV0pR9Y7uM5epTw5ExwDR4YsKiCsUM+U4L5yz7hu2cKJwCR5W4OM0vy
mBP8JM8WrMjjPl9ieUGzkVjCP5aEZ2dxLOwiFcHdgrx3xQdJMKsT+H9ynI88o5Vu
+Uh3JptH4z7lyG8t1nujPkyTPPXu6FAG9SszjTxwAmKANrxJU52KEtPtfAR9lamL
kNHEaHf0oohfea7RKnll7GpISI3WG/fSO/47AVedcH7vG8HKAGnUM0DlaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM2i9L9NpZuXYxk1ABdyGJnzbKXNMB8GA1UdIwQY
MBaAFMQKjqHI3DO4KQ/r005FOL2Vl0ToMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9lOThiZjctYzVjOC00NTYxLTk3ZTgt
ZTEzMTYwYWMzZTIzLzEveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9lOThiZjctYzVjOC00NTYxLTk3ZTgtZTEzMTYwYWMzZTIz
LzEveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi3aJ5iMO
DBoIofm1ILIbWE3qoUkVXgfpLL3x5Wer8LGgr8Jd5XXRCiwHwhZeYd2DKmYDuoSE
/0nyGzSNjsGA9UyZEWWQyDowqhBsq0fqarou3/IUogsU9hVH7qtVHtUYtII+how0
C6xy8xlMYQQVVFymIzvbXJAdZki/foqOFGYc+gC5mr3z7ASAPltZ6vli2mv8vHzb
kZvN+Ml3v4jEJPANF3gR/sj25l1Mtkaw4LlNKkDt8PbtDdDhDBNRr3uc1QWd9V4l
WNjoMYIkUqmjFZOpJZG9Ibri8YOsN3xxDt0QnEcahbkLA0Jk1TJ94/hLRn2JI3i+
Y1yxYEMh6suAAg==
-----END CERTIFICATE-----